TITLE OF THE INVENTION 
IMAGE PROCESSING SYSTEM AND 
AUTHENTICATION METHOD OF THE SAME 

5 FIELD OF THE INVENTION 

The present invention relates to an image 
processing system in which a host computer and an image 
processing apparatus capable of processing information 
in the apparatus in accordance with remote control from 
10 the host computer are connected to a network, and an 
authentication method of the system. 

BACKGROUND OF THE INVENTION 

Presently, a multifunction digital copying 

15 machine called an MFP (Multi Function Peripheral) can 
perform copying, printing, scanning, and facsimile 
communication. In addition, scanned image data can be 
stored in an internal hard disk (HDD), and a host 
computer in a remote place can read and acquire the 

20 stored data and can also store data in the HDD. 

When, however, a host computer in a remote place 
remotely controls an image processing apparatus such as 
an MFP, this host computer can read and acquire data in 
the apparatus by only simple password authentication. 

25 Therefore, there was possibility that the data might be 
read or acquired by other users who knew accidentally 
the password. 
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SUMMARY OF THE INVENTION 
The present invention has been made in 
consideration of the above situation, and has as its 
object to strengthen the security when a host computer 
5 connected to a network remotely controls information in 
an image processing apparatus. 

To achieve the above object, according to an 
aspect of the present invention, there is provided an 
authentication method of an image processing system in 

10 which a host computer and an image processing apparatus 
are connected to a network, information in the image 
processing apparatus being processable in accordance 
with a remote operation from the host computer, 
comprising: a first authentication step of 

15 authenticating the image processing apparatus when the 
host computer is to remotely operate information in the 
image processing apparatus; and a second authentication 
step of performing an authentication process for an 
operation with respect to the information on the basis 

20 of a code stored in the host computer. 

Also, according to another aspect of the present 
invention, there is provided an image processing system 
in which a host computer and an image processing 
apparatus are connected to a network, information in 

25 the image processing apparatus being processable in 
accordance with a remote operation from the host 
computer, comprising: first authenticating means for 
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performing authentication to the image processing 
apparatus when the host computer is to remotely operate 
information in the image processing apparatus; and 
second authenticating means for performing an 
5 authentication process for an operation with respect to 
the information on the basis of a code stored in the 
host computer. 

Other features and advantages of the present 
invention will be apparent from the following 
10 description taken in conjunction with the accompanying 
drawings, in which like reference characters designate 
the same or similar parts throughout the figures 
thereof . 



15 BRIEF DESCRIPTION OF THE DRAWINGS 

Fig. 1 is a block diagram showing the whole 
configuration of an image forming system according to 
an embodiment; 

Fig. 2 is a block diagram showing the software 
20 configuration of an image processing apparatus; 

Fig. 3 is a block diagram showing details of the 
arrangement of the image processing apparatus; 

Fig. 4 is a view showing the external appearance 
of the image processing apparatus according to this 
2 5 embodiment ; 

Fig. 5 is a view showing the arrangement of an 
operation unit 112 shown in Fig. 4; 



- 3 - 



Fig. 6 is a block diagram showing details of the 
arrangement of the operation unit of the image 
processing apparatus shown in Fig* 3; 

Fig. 7 is a view showing an image displayed when 
5 authentication to the image processing apparatus is 
performed; 

Fig. 8 is a flow chart showing the flows of basic 
processes on the client (browser) side and on the HTTP 
server side in the image processing apparatus; 
10 Fig. 9 is a view showing the top page image of a 

remote UI in this embodiment; 

Fig. 10 is a view showing the displayed image of 
a display language switching pull-down menu 1001; 

Fig. 11 is a view showing the top page image in 
15 English when English is chosen in the display language 
switching pull -down menu; 

Fig. 12 is a view showing a display example of 
data stored in the image processing apparatus 110; 

Fig. 13 is a view showing operations which can be 
20 performed for files; 

Fig. 14 is a flow chart showing the flow of 
processing performed by add-on software in this 
embodiment ; and 

Fig. 15 is a flow chart showing the flow of an 
25 authentication process by which the security is 
strengthened. 
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DETAILED DESCRIPTION OF THE PREFERRED EMBODIMENT 
A preferred embodiment of the present invention 
will now be described in detail in accordance with the 
accompanying drawings. 
5 This embodiment will be explained by taking a 

multi function peripheral (MFP) as an example of an 
image processing apparatus. This MFP is connected to a 
network, has a plurality of functions such as a scanner 
function, printer function, and facsimile function, and 

10 can be used as a copying machine, printer, scanner, and 
facsimile apparatus by using one of these functions or 
combining the functions. However, the present 
invention is not limited to the MFP. 

Fig. 1 is a block diagram showing the whole 

15 configuration of an image forming system according to 
the embodiment . As shown in Fig . 1 , an image 
processing apparatus 110 has a scanner 113 as an image 
input device, a printer 114 as an image output device, 
a control unit 111, and an operation unit 112 as a user 

20 interface. The scanner 113, printer 114, and operation 
unit 112 are connected to the control unit 111, and 
controlled by instructions from the control unit 111. 
The control unit 111 is connected to a network 
transmitting means such as a local area network (LAN) 

25 100. 

The LAN 100 is also connected to a host computer 
101 and authentication server 120 in addition to the 



- 5 - 



image processing apparatus 110. As will be described 
later, the host computer 101 includes a Web browser 
and, on the basis of an HTML (Hyper Text Markup 
Language) file received from the image processing 
5 apparatus 110 , acquires and displays information such 
as the status of the image processing apparatus. Also, 
the host computer 101 incorporates an encryption chip 
102 (to be described later) which the host computer 101 
uses to inquire of the authentication server 120 about 

10 files stored in the image processing apparatus 110 and 
operation levels capable of processing these files for 
each attribute. In addition, the authentication server 
120 includes a dictionary 121 which defines the 
operation levels . 

15 Fig. 2 is a block diagram showing the software 

configuration of the image processing apparatus. 
Referring to Fig. 2, a user interface (to be referred 
to as n UI" hereinafter) module 201 interfaces the image 
processing apparatus with user operations when the 

20 operator performs various operations or settings on the 
image processing apparatus. This module transfers 
input information to various modules (to be described 
later) and requests them to process the information or 
perform data setting or the like, in accordance with an 

25 operator's operation. 

An address book module 202 is a database module 
which manages the transmission destinations. 
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communication destinations, and the like of data. Data 
managed by the address book module 202 is added, 
deleted, or acquired by an operation from the UI module 
201. Also, the address book module 202 gives data 
5 transmission or communication information to each 

module (to be described later), in accordance with an 
operator ' s operation . 

A Web server module 203 notifies image processing 
apparatus management information in response to a 

10 request from a Web client (e.g., the host computer 
101). This management information is acquired via a 
universal send module 204, remote copy scan module 209, 
remote copy print module 210, and control API module 
218, all of which will be described layer. The Web 

15 client is notified of the acquired management 
information via an HTTP module 212, TCP/IP 
communication module 216, and network driver 217, all 
of which will be described later. 

The universal send module 204 controls 

20 distribution of data. That is, the universal send 

module 204 distributes data designated by the operator 
via the UI module 201 to communication (output) 
destinations designated in the same way. If the 
operator designates generation of distribution data by 

25 using a scanner function of this apparatus, the 

universal send module 204 operates the apparatus via 
the control API module 218 to generate the data. 
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A printer module 205 in the universal send module 
204 is executed when a printer is designated as an 
output destination. An e-mail module 206 in the 
universal send module 204 is executed when an e-mail 
5 address is designated as a communication destination. 
A database module 207 in the universal send module 204 
is executed when a database is designated as an output 
destination. A DP module 208 in the universal send 
module 204 is executed when an image processing 

10 apparatus analogous to this apparatus is designated as 
an output destination. 

The remote copy scan module 209 reads image 
information by using the scanner function of the image 
processing apparatus, and outputs the read image 

15 information to another image processing apparatus 
connected by the network or the like, thereby 
performing the copy function realized by this image 
processing apparatus by using the other image 
processing apparatus. 

20 The remote copy print module 210 outputs image 

information obtained by another image processing 
apparatus connected by the network or the like by using 
the printer function of this image processing 
apparatus , thereby performing the copy function 

25 realized by this image processing apparatus by using 
the other image processing apparatus. 

A Web pull print module 211 loads information of 
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various homepages on the Internet or on an intranet , 
and prints the loaded information. 

The HTTP module 212 is used when the image 
processing apparatus performs HTTP communication. That 
5 is, the HTTP module 212 provides a communication 

function to the Web server module 203 or Web pull print 
module 211 by using the TCP/IP communication module 
216. 

An Ipr module 213 provides a communication 
10 function to the printer module 205 in the universal 
send module 204 by using the TCP/IP communication 
module 216. 

An SMTP module 214 provides a communication 
function to the e-mail module 206 in the universal send 
15 module 204 by using the TCP/IP communication module 
216. 

An SLM (SaLutation Manager) module 215 provides a 
communication function to the database module 207 and 
DP module 208 in the universal send module 204, and to 
20 the remote copy scan module 209 and remote copy print 
module 210, by using the TCP/IP communication module 
216. 

The TCP/IP communication module 216 provides a 
network communication function to the various modules 
25 described above by using the network driver 217. The 
network driver 217 controls portions physically 
connected to the network. 
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The control API 218 provides an upstream module 
such as the universal send module 204 with an interface 
to a downstream module such as a job manager module 219 
(to be described below)* This reduces the dependence 
5 between the upstream and downstream modules, and 
increases the versatility of these modules. 

The job manager module 219 interprets various 
processes designated from the various modules described 
above via the control API 218, and gives instructions 
10 to individual modules (220, 224, and 226) to be 

described below. Also, the job manager module 219 
singly manages hardware processing executed in the 
image processing apparatus. 

A codec manager module 220 manages and controls 
15 various data compression and expansion processes among 
other processes designated by the job manager module 
219. 

An FBE encoder module 221 compresses, by using an 
FBE format, data loaded by a scan process executed by 
20 the job manager module 219 or by a scan manager module 
224 (to be described later). 

A JPEC codec module 222 performs JPEG compression 
for loaded data and JPEG expansion for printing data, 
in a scan process executed by the job manager module 
25 219 or scan manager module 224 or in a printing process 
executed by a print manager module 226. 

An MMR codec module 223 performs MMR compression 
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for loaded data and MMR expansion for printing data, in 
a scan process executed by the job manager module 219 
or scan manager module 224 or in a printing process 
executed by the print manager module 226. 
5 The scan manager module 224 manages and controls 

a scan process designated by the job manager module 
219. A SCSI driver 225 controls communication between 
the scan manager module 224 and a scanner internally 
connected to the image processing apparatus. 

10 The print manager module 226 manages and controls 

a printing process designated by the job manager module 
219. An engine I/F module 227 provides an interface 
between the print manager module 226 and a printer. 

A parallel port driver 228 provides an interface 

15 when the Web pull print module 211 outputs data to an 
output device (not shown) via a parallel port. 

Fig. 3 is a block diagram showing details of the 
arrangement of the image processing apparatus. As 
shown in Fig. 3, the control unit 111 is a controller 

20 connected to the scanner 113 as an image input device 

and the printer 114 as an image output device, and also 
connected to a LAN or a public line (WAN) , thereby 
inputting and outputting image information and device 
information. 

25 In the control unit 111, a CPU 301 is a 

controller for controlling the entire system. A RAM 
302 is a system work memory which the CPU 301 uses to 
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operate. The RAM 302 is also an image memory for 
temporarily storing image data. A ROM 303 is a boot 
ROM which stores a system boot program. An HDD 304 is 
a hard disk drive which stores system software, image 
5 data, files (to be described later), and the like. 

An operation unit I/F 306 interfaces with the 
operation unit (UI) 112, and outputs image data to be 
displayed on the operation unit 112 to the operation 
unit 112. The operation unit I/F 306 also transmits to 

10 the CPU 301 information input by the user via the 
operation unit 112. 

A network I/F 308 connects to the LAN 100, and 
inputs and outputs information from and to the LAN 100. 
A modem 309 connects to the public line, and inputs and 

15 outputs information from and to the public line. These 
devices described above are arranged on a system bus 
307. 

An image bus I/F 305 is a bus bridge which 
connects the system bus 307 to an image bus 310 which 
20 transfers image data at high speed, thereby converting 
a data structure. The image bus 310 is a PCI bus or 
IEEE1394. 

The following devices are arranged on the image 
bus 310. A raster image processor (RIP) 311 rasterizes 
25 a PDL code transmitted from the network into an bit map 
image. A device I/F 312 connects the scanner 113 and 
printer 114 as image I/O devices to the control unit 
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Ill, and performs synchronous /asynchronous image data 
conversion, 

A scanner image processor 313 corrects, 
processes, and edits input image data. A printer image 
5 processor 314 performs correction, resolution 

conversion, and the like of the printer with respect to 
image data to be printed out. An image rotator 315 
rotates image data. An image compressor 316 performs 
JPEG compression/expansion for multilevel image data, 
10 and JBIG, MMR, or MH compression/expansion for binary 
image data. 

Fig. 4 is a view showing the external appearance 
of the image processing apparatus of this embodiment. 
The scanner 113 as an image input device shown in 

15 Fig. 4 optically reads an image on an original by 

scanning the image by a CCD line sensor (not shown), 
and generates and outputs raster image data. When the 
user sets originals in a tray 406 of a document feeder 
405 and designates activation of read on the operation 

20 unit 112, the controller CPU 301 gives an instruction 
2071 to the scanner 113. Consequently, a feeder (not 
shown) feeds the originals one by one, and the scanner 
113 reads an image on each original. 

The printer 114 as an image output device prints 

25 raster image data on a sheet of paper. The system of 
printing can be either an electrophotographic system 
using a photosensitive drum or photosensitive belt, or 
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an Inkjet system by which an image is directly printed 
on a paper sheet by discharging ink from a micro nozzle 
array. Note that the printing operation is activated 
by an instruction 2096 from the controller CPU 301. 
5 The printer 114 has a plurality of paper feed 

stages so that different sheet sizes or different sheet 
directions can be selected, and has corresponding sheet 
cassettes 401, 402, and 403. A paper delivery tray 404 
receives printed sheets. 

10 Fig. 5 is a view showing the arrangement of the 

operation unit 112 shown in Fig. 4. As shown in 
Fig. 5, a touch panel sheet 502 is adhered on an LCD of 
an LCD unit 501, and a system operation window and soft 
keys are displayed. When a displayed key is touched, 

15 position information indicating the touched position is 
transmitted to the controller CPU 301. 

A start key 505 shown in Fig. 5 is used to, e.g., 
start an operation of reading an original image. An 
LED indicator 506 having two colors, i.e., green and 

20 red, is formed in the central portion of the start key 
505 to indicate in accordance with the color whether 
the start key 505 is usable. A stop key 503 is used to 
stop an operation currently being performed. An ID key 
507 is used to input the user ID of a user. A reset 

25 key 504 is used to initialize settings from the 
operation unit . 

Fig. 6 is a block diagram showing details of the 
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arrangement of the operation unit of the image 
processing apparatus shown in Fig. 3. As described 
earlier, the operation unit 112 is connected to the 
system bus 307 via the operation unit I/F 306. The 
5 system bus 307 is connected to the CPU 301 , RAM 302, 
ROM 303, and HDD 304. The CPU 301 comprehensively 
controls access to the various devices connected to the 
system bus 307, on the basis of the control program and 
the like stored in the ROM 303 and HDD 304. Also, the 

10 CPU 301 loads input information from the scanner 113 

connected via the device I/F 312, and outputs an image 
signal as output information to the printer 114 
connected via the device I/F 312. The RAM 302 
functions as a main memory, work area, and the like of 

15 the CPU 301. 

Referring to Fig. 6, a user input from the touch 
panel 502 or the hard key 503, 504, 505, or 507 is 
transferred to the CPU 301 via an input port 601. On 
the basis of the contents of this user input and the 

20 control program, the CPU 301 generates display image 

data, and outputs the display image to the LCD unit 501 
via an output port 602 for controlling a display image 
output device. The CPU 301 also controls the LED 
indicator 506 as needed. 

25 A remote UI (remote user interface) as a 

characteristic function of this embodiment will be 
explained below. 
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This remote UI is a function of acquiring or 
setting information indicating the status or the like 
of the apparatus 110, or performing an operation such 
as printing or transmission (universal send), from an 
5 external apparatus . The user can use this remote UI 
function by using a Web browser or the like from the 
host computer 101 connected to the LAN 100. 

As shown in FIG. 2, the Web server module 203 is 
operating in the apparatus 110 and makes HTTP (Hyper 

10 Text Transfer Protocol) communication possible. In the 
Web server module 203, a CGI (Common Gateway Interface) 
program activated by a request from the host computer 
(client) 101 can be operated. Resource files and page 
template files are stored in the HDD 304 shown in 

15 Fig. 3 and used by the remote UI . The resource files 
include HTML (Hyper Text Markup Language) files, image 
files, and the like used to display pages. The 
template files include files looked up by the CGI 
program and used to form pages. 

20 To access the apparatus 110, the user directly 

inputs a URL (Uniform Resource Locator) indicating the 
address of a resource to the Web browser (client 
browser) of the host computer 101, or selects a link in 
which this URL is embedded. The client browser 

25 transmits an HTTP command which designates the URL 
input by the user to the apparatus 110 across the 
network. The Web server 203 of the apparatus 110 
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receives and analyzes this HTTP command, and performs 
an operation corresponding to the command. 

If the request from the client browser is not a 
CGI program request, the designated one of the 
5 resources is transmitted to the client browser, and the 
process is terminated. If the request form the client 
browser is a CGI program request, the corresponding CGI 
program is activated. Upon activation, this CGI 
program can receive a query parameter, and the value 

10 designated from the browser by the user is transferred. 
In accordance with the request, the CGI program 
requests the apparatus 110 to perform an operation, 
e.g., acquire and set the apparatus information, or 
print out the data. Also, the CGI program forms a page 

15 to be transmitted by using a template file 

corresponding to the page. This template file contains 
a portion in which description is changed by using the 
acquired information. Therefore, a page having 
contents corresponding to the present status can be 

20 formed. On the other hand, the Web browser of the host 
computer 101 displays the page returned from the 
apparatus 110 on the screen. 

As described above, by accessing the apparatus 
110 from the Web browser of the host computer 101 by 

25 using the remote UI , it is possible to acquire and set 
the function, status, and held information of the 
apparatus 110, or operate the apparatus. 
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From the point of view of security, however, when 
the user intends to access data in the image processing 
apparatus by using the remote UI , he or she must 
perform user authentication by using a user name 701 
5 and password 702 shown in Fig. 7. 

In this embodiment, the host computer 101 on the 
client side is requested to transmit the user name 701 
and password 702, and authentication is performed by 
looking up a predetermined database in the HDD 304 of 

10 the image processing apparatus 110. Information which 
can be acquired and set by this remote UI includes, 
e.g., apparatus information such as usable paper sizes 
and the remaining amount, information of the activated 
job, document information stored in the storage device, 

15 address information such as e-main and FAX, and setting 
information concerning the network. Examples of 
operations which can be performed by the remote UI are 
print out of document information held in the image 
processing apparatus 110, browsing of the document 

20 information by the host computer 101, and save and 
transmission of the data. 

The authorized user (or host computer 101) 
downloads, from the image processing apparatus 110, 
browsing software and add-on software for controlling 

25 the data access right in the image processing apparatus 
110. First, the flow of processing pertaining to the 
browsing software will be described below. In this 
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description, the flow of processing by the add-on 
software is also explained. 

The flows of basic processes on the client 
(browser) side as the host computer 101 and on the HTTP 
5 server (to be simply referred to as a "server" 

hereinafter) side in the image processing apparatus 110 
will be explained. 

Fig. 8 is a flow chart showing the flows of basic 
processes on the client (browser) side and on the HTTP 

10 server side in the image processing apparatus. First, 
in step S801, the client waits until the user inputs a 
URL. If a URL is input, the flow advances to step S802 
to transmit an HTTP command to the server. In step 
S803, the client waits until a response from the server 

15 is received. If the response is received, the flow 
advances to step S804 to form and display an HTML 
document, and one session is complete. On the other 
hand, in step S811, the server waits until an HTTP 
command is received from the client (browser) . If an 

20 HTTP command is received, the flow advances to step 
S812 to determine whether the command is a CGI 
activation request. If the command is a CGI activation 
request, the step advances to step S813 to analyze a 
CGI parameter. In step S814, the CGI program is 

25 activated, and one session is complete. If the command 
is not a CGI activation request in step S812, the flow 
advances to step S815 to return the designated resource 
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file as a response, and one session is complete. 

An operation when the user performs browsing, 
download, or the like for document information in the 
image processing apparatus 110 by using the remote UI 
5 while monitoring the browser display image of the 

client will be described below. Add-on software for 
controlling the access right to document information 
will be explained first, and then an authentication 
process performed by the add-on software will be 

10 explained. 

Fig. 9 is a view showing the top page image of 
the remote UI according to this embodiment. As shown 
in Fig. 9, this top page image is made up of two 
frames, i.e., an index area 901 and main area 902. The 

15 index area 901 displays a map of main sites. When the 
user touches a button on the map, a corresponding image 
is displayed in the main area 902. This top page is an 
image which displays general information of the 
apparatus 110. In addition, a device information page, 

20 job status page, box page, and user mode page are 

displayed when buttons (a device button 904, job status 
button 905, box button 906, and user mode button 907, 
respectively) arranged in the index area 901 are 
touched. Also, the top page is displayed when a button 

25 903 for returning to the top page is touched on a page 
other than the top page. A display language switching 
pull-down menu button 908 is used to select a display 
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language. When the display language switching 
pull-down menu button 908 is touched, a display 
language switching pull -down menu 1001 shown in Fig. 10 
is displayed. When the user selects a language from 
5 the pull-down menu 1001, the top page is displayed in 
the selected language. 

Fig. 11 is a view showing an English top page 
image when English is selected in the display language 
switching pull-down menu. 

10 Next, add-on software for controlling the access 

right to data in the image processing apparatus 110 
will be described. When the box 906 is chosen in the 
top page image (Fig. 9) of this remote UI, data stored 
in the image processing apparatus 110 as shown in 

15 Fig. 12 can be browsed. The browsing software is so 
configured that the user can check attribute 
information such as a folder name 1201 of a folder 
storing the file as shown in Fig. 12, a file name 1202, 
a file size 1203, and a file formation date 1204. The 

20 user can manipulate the file by a mouse (not shown) or 
keyboard (not shown) attached to the host computer 101 
by using the remote UI. 

In the example shown in Fig. 12, when the user 
selects "Suzuki" in the folder 1201, he or she can 

25 browse the attributes (1202 to 1204) of the file stored 
in the folder. The attributes of a file name 1205 
cannot be checked. The procedure of file manipulation 
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will be explained below by taking a browsable file 1206 
as an example. 

Note that the attributes explained below of even 
the file 1205 whose file name cannot be browsed can be 
5 checked by selecting this file and executing one of the 
operations explained below. 

As the operation procedure, the file 1206 shown 
in Fig. 12 will be taken as an example, and operations 
performed for the file 1206 will be explained. 
10 First, when the file 1206 is selected, file 

download 1301, browsing 1302, print 1303, and transfer 
1304 as shown in Fig. 13 are displayed. 

These operations will be described by taking 
download 1301 as a representative example. However, 
15 the flow of operation for any other attribute is 
basically the same as download 1301. 
[Download] 

When download 1301 is selected, add-on software 
downloaded to the host computer 101 simultaneously with 
20 browsing software is automatically executed. Fig. 14 
shows processing performed by this automatically 
executed add-on software according to this embodiment. 

First, in step S1401, the add-on software is 
activated. In step S1402, encryption data stored in 
25 the encryption chip 102 incorporated into the host 

computer 101 is read out. The encryption chip 102 is, 
.g., an IC chip to which a PCMCIA card can be attached 
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as an I/F. In step S1403, the acquired encryption code 
is used to inquire of the authentication server 120, 
which is the destination indicated by an IP address 
which the add-on software has in advance, about the 
5 operation level of the selected file 1206. The 
authentication server 120 has the dictionary 121 
defining files stored in the image processing apparatus 
110 and operation levels capable of processing these 
files for each attribute. The authentication server 

10 120 determines whether the attribute is registered in 
the dictionary 121. If the attribute (in this example, 
download 1301) selected by the remote UI displayed on 
the host computer 101 is registered, the flow advances 
to step S1404 to start the processing (download of the 

15 file 1206} of this attribute. If the attribute which 
the user who has accessed is to be permitted to use is 
not registered in the dictionary 121, the flow advances 
to step S1405 to inhibit the processing (download of 
the file 1206) of the attribute. It is also possible 

20 to form a message indicating that the user who has 

accessed is inhibited to use the processing (download 
of the file 1206) of the attribute, and transmit the 
message to the client's browser. 

Fig. 15 shows the flow of an authentication 

25 process by which the security is strengthened according 
to this embodiment explained above. Assume that the 
user wants to print out a file held in the image 
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processing apparatus 110, browse the file on the host 
computer 101, or save or transmit the data, from the 
host computer 101 by using the remote UI. In step 
S1501, the user inputs the user name 701 and password 
5 702 shown in Fig. 7 to perform authentication to the 

image processing apparatus 110. If this authentication 
is permitted, the flow advances to step S1502 to 
download the browsing software and add-on software 
described above from the image processing apparatus 

10 110. Also, the top page image of the remote UI shown 
in Fig. 9 is displayed in the Web browser of the host 
computer 101. When the box button 906 in the index 
area 901 is selected, the browsing software is 
activated to display the file manipulation image as 

15 shown in Fig. 12. 

If the file 1206 shown in Fig. 12 is selected, 
for example, the above-mentioned add-on software is 
activated in step S1504, and encryption data stored in 
the encryption chip 102 incorporated into the host 

20 computer 101 is acquired in step S1505. In step S1506, 
the acquired encryption data is used to inquire of the 
authentication server 120 about authentication of the 
attribute level with respect to the file 1206 selected 
by the user. After that, this authentication process 

25 is terminated. 

In this embodiment, the authentication server 120 
performs the authentication process for each attribute 
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of data to be browsed stored in the image processing 
apparatus 110. However, this authentication process 
may also be performed by the image processing apparatus 
110 itself or the host computer 101 itself. 
5 Alternatively, another image processing apparatus 

connected to the network or the like can perform the 
authentication process. 

In the embodiment, the add-on software is used to 
authenticate each attribute of data to be browsed 

10 stored in the image processing apparatus 110, and the 
IP address of the authentication server 120 for 
performing authentication is downloaded from the image 
processing apparatus 110 together with the add-on 
software in advance. However, it is also possible to 

15 reinquire of the image processing apparatus 110 about 
information indicative of the presence of the 
authentication server 120. 

Furthermore, each attribute of data to be browsed 
stored in the image processing apparatus 110 is 

20 authenticated on the basis of the dictionary 121 held 
by the authentication server 120. However, the 
dictionary 121 need not be held in the authentication 
server 120, and the authentication server 120 may also 
have information indicating the location of a second 

25 authentication server having the dictionary 121. 

In this embodiment as has been described above, 
an image processing apparatus does not exclusively 
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control the security of a remote UI by which the image 
processing apparatus is operated from a remote place, 
but authentication is checked on the basis of 
downloaded add-on software and an encryption chip in a 
5 host computer, thereby increasing the security level. 
Also, this authentication is performed by an 
authentication server in accordance with an instruction 
from the add-on software, by acquiring encryption data 
and using this encryption data and a dictionary 

10 describing authentication levels. This further 
increases the secrecy. 

Furthermore, since the encryption chip is a 
detachable IC chip such as a PCMCIA card, it is 
possible to utilize various host computers. 

15 The present invention can be applied to a system 

constituted by a plurality of devices (e.g., a host 
computer, interface, reader, and printer) or to an 
apparatus (e.g., a copying machine or facsimile 
apparatus) comprising a single device. 

20 Further, the object of the present invention can 

also be achieved by supplying a recording medium 
recording the program code of software for implementing 
the functions of the above embodiment to a system or 
apparatus, and reading out and executing the program 

25 code stored in the recording medium by a computer (or a 
CPU or MPU) of the system or apparatus. 

In this case, the program code read out from the 
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recording medium implements the functions of the 
embodiment, and the recording medium recording this 
program code constitutes the invention. 

As this recording medium for supplying the 
5 program code, it is possible to use, e.g., a floppy 
(registered trademark) disk, hard disk, optical disk, 
magnetooptical disk, CD-ROM, CD-R, magnetic tape, 
nonvolatile memory card, and ROM. 

Furthermore, besides the functions of the above 

10 embodiment are implemented by executing the readout 
program code by the computer, the present invention 
includes a case where an OS (Operating System) or the 
like running on the computer performs part or the whole 
of actual processing in accordance with instructions by 

15 the program code and thereby implements the functions 
of the embodiment. 

Furthermore, the present invention also includes 
a case where the program code read out from the 
recording medium is written in a memory of a function 

20 expansion board inserted into the computer or of a 

function expansion unit connected to the computer, and, 
in accordance with instructions by the program code, a 
CPU or the like of the function expansion board or 
function expansion unit performs part or the whole of 

25 actual processing and thereby implements the functions 
of the above embodiment . 

As has been described above, the embodiment of 



- 27 - 



the present invention can strengthen the security when 
a host computer connected to a network is to remotely 
control information in an image processing apparatus. 

As many apparently widely different embodiments 
of the present invention can be made without departing 
from the spirit and scope thereof, it is to be 
understood that the invention is not limited to the 
specific embodiments thereof except as defined in the 
appended claims. 
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